Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SvnCKXv_AIjbzIc0e0K9COdXRfw.roa
File: SvnCKXv_AIjbzIc0e0K9COdXRfw.roa (raw, json)
Hash identifier: 1ArsQEM0oVdgF4guPKVCoYM3rhU4V3KR7YfGqL4bGw8=
Subject key identifier: 4A:F9:C2:29:7B:FF:00:88:DB:CC:87:34:7B:42:BD:08:E7:57:45:FC
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01876BB2A537FCC1F4FB286FD02A6B1CB4BF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SvnCKXv_AIjbzIc0e0K9COdXRfw.roa
Signing time: Mon 10 Apr 2023 15:04:42 +0000
ROA not before: Mon 10 Apr 2023 15:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.13.189.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:b2:a5:37:fc:c1:f4:fb:28:6f:d0:2a:6b:1c:b4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 10 15:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4af9c2297bff0088dbcc87347b42bd08e75745fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:47:20:5a:18:a0:06:76:1d:83:7c:0f:d4:cd:
16:eb:59:87:c9:1a:80:f2:1a:18:b2:99:2b:45:8e:
09:47:42:cc:e9:e9:c0:18:61:22:4c:7a:da:6e:cf:
51:1f:ab:7c:a3:bf:74:bf:9b:bd:ad:13:7d:bc:ec:
a0:32:c8:93:b5:47:48:c3:68:35:b8:ac:70:60:c0:
6c:97:e7:fc:0d:13:9a:9d:37:ad:f2:32:8e:5d:14:
70:64:c3:f6:3b:41:aa:f9:71:9a:d1:6f:82:95:44:
5e:1a:35:23:27:68:1d:35:89:b2:1c:57:e4:86:7b:
ec:51:b0:5f:ec:18:d9:d6:67:1c:c9:fb:3d:31:cf:
54:f7:26:31:49:ee:f7:6d:89:c2:0a:8d:b9:f5:1f:
b4:54:57:5a:f2:69:4e:ab:ca:c8:7e:e9:75:df:fc:
9a:58:21:d0:2c:d5:ae:a6:95:81:72:43:27:81:20:
05:59:31:78:74:9a:c1:e7:81:f3:cf:0b:af:5e:76:
f4:59:d4:93:14:c0:ca:6c:59:36:a5:58:41:19:a6:
b3:f9:0d:8a:99:8a:d2:c7:6c:be:19:0e:22:41:4a:
ad:51:6a:1f:79:03:0a:91:37:5b:3d:7e:d1:5f:da:
be:97:18:fa:e0:9c:4a:33:f5:27:b0:e0:dc:7d:07:
63:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F9:C2:29:7B:FF:00:88:DB:CC:87:34:7B:42:BD:08:E7:57:45:FC
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SvnCKXv_AIjbzIc0e0K9COdXRfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.189.0/24
45.94.171.0/24
77.83.38.0/23
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
00:ea:86:12:2f:05:b4:e0:f0:47:63:2b:24:14:53:60:86:6a:
68:30:3b:d0:6a:ad:c5:eb:eb:34:62:17:c4:7a:fc:e1:c3:50:
a7:37:36:d6:4c:e6:7c:47:f7:c3:06:99:ac:60:ce:82:66:46:
aa:58:c6:1f:61:7f:26:f0:74:35:96:f8:11:68:28:06:a2:16:
53:14:dc:cb:14:da:24:85:6b:ec:bf:f6:01:21:27:96:69:46:
cf:81:f8:52:b1:50:b6:5f:d1:60:fc:ef:46:5c:7d:ce:93:32:
a8:fe:46:97:8f:48:80:0a:95:55:fc:ff:c5:22:5c:3b:52:40:
ca:5d:dd:16:f3:d4:8a:03:21:43:55:7e:e7:86:71:e8:64:3b:
d3:24:51:4a:06:a1:b9:a1:64:40:e9:57:2b:fa:37:f5:17:d3:
cd:23:d5:40:d4:bb:57:92:8e:a7:25:74:d4:34:69:24:ee:d7:
5a:ea:fa:23:17:6d:d9:eb:95:63:28:ae:5d:31:9c:32:9f:3d:
0e:a8:2e:9c:35:0a:28:6e:4a:18:61:2d:0e:7d:21:2c:ba:d5:
68:98:a5:e2:49:70:a1:c0:3b:9f:17:df:16:c7:23:64:88:9b:
71:2c:90:55:db:e1:55:e3:e9:1e:4b:d3:73:64:c4:4c:ac:4f:
6e:34:9d:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdrsqU3/MH0+yhv0CprHLS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNDEwMTUwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWY5YzIyOTdiZmYwMDg4ZGJjYzg3MzQ3YjQyYmQwOGU3NTc0NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEcgWhigBnYdg3wP1M0W61mHyRqA
8hoYspkrRY4JR0LM6enAGGEiTHrabs9RH6t8o790v5u9rRN9vOygMsiTtUdIw2g1
uKxwYMBsl+f8DROanTet8jKOXRRwZMP2O0Gq+XGa0W+ClUReGjUjJ2gdNYmyHFfk
hnvsUbBf7BjZ1mccyfs9Mc9U9yYxSe73bYnCCo259R+0VFda8mlOq8rIful13/ya
WCHQLNWuppWBckMngSAFWTF4dJrB54HzzwuvXnb0WdSTFMDKbFk2pVhBGaaz+Q2K
mYrSx2y+GQ4iQUqtUWofeQMKkTdbPX7RX9q+lxj64JxKM/UnsODcfQdjxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEr5wil7/wCI28yHNHtCvQjnV0X8MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvU3ZuQ0tYdl9BSWpiekljMGUwSzlDT2RYUmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ29AwQA
LV6rAwQBTVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQAA6oYSLwW04PBHYysk
FFNghmpoMDvQaq3F6+s0YhfEevzhw1CnNzbWTOZ8R/fDBpmsYM6CZkaqWMYfYX8m
8HQ1lvgRaCgGohZTFNzLFNokhWvsv/YBISeWaUbPgfhSsVC2X9Fg/O9GXH3OkzKo
/kaXj0iACpVV/P/FIlw7UkDKXd0W89SKAyFDVX7nhnHoZDvTJFFKBqG5oWRA6Vcr
+jf1F9PNI9VA1LtXko6nJXTUNGkk7tda6vojF23Z65VjKK5dMZwynz0OqC6cNQoo
bkoYYS0OfSEsutVomKXiSXChwDufF98WxyNkiJtxLJBV2+FV4+keS9NzZMRMrE9u
NJ3I
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org